TAMPER SECURE CIRCUITRY ESPECIALLY FOR POINT OF SALE TERMINAL

- VERIFONE, INC.

Tamper secure circuitry including a first printed circuit board having mounted thereon circuit components and a slotted anti-tamper grid containing printed circuit board mounted onto the first printed circuit board defining at least one slot and arranged to overlie at least some of the circuit components, which are located in a volume defined by the at least one slot and the first printed circuit board.

Skip to: Description  ·  Claims  · Patent History  ·  Patent History
Description
REFERENCE TO RELATED APPLICATIONS

The following patents and patent applications are believed to be related to the present application and their disclosures are hereby incorporated by reference:

  • U.S. Pat. Nos. 6,853,093; 7,497,378; 7,784,691; 6,646,565;
  • U.S. Published Patent Application Nos. 2008/0180245; 2009/0058628 and 2009/0184850;
  • U.S. patent application Ser. Nos. 12/758,150 and 12/837,192;
  • GB2411756; EP1421549 and EP1676182; and
  • Published PCT Patent Application WO 2010/082190.

FIELD OF THE INVENTION

The present invention relates to tamper secure circuitry generally.

BACKGROUND OF THE INVENTION

The following patent publications are believed to represent the current state of the art:

  • U.S. Pat. Nos. 6,853,093; 7,497,378; 7,784,691; 6,646,565;
  • U.S. Published Patent Application Nos. 2008/0180245; 2009/0058628 and 2009/0184850; and
  • GB2411756; EP1421549 and EP1676182.

SUMMARY OF THE INVENTION

The present invention seeks to provide improved tamper secure circuitry.

There is thus provided in accordance with a preferred embodiment of the present invention tamper secure circuitry including a first printed circuit board having mounted thereon circuit components and a slotted anti-tamper grid containing printed circuit board mounted onto the first printed circuit board defining at least one slot and arranged to overlie at least some of the circuit components, which are located in a volume defined by the at least one slot and the first printed circuit board.

Preferably, the circuit components mounted onto the first printed circuit board underlying the slotted anti-tamper grid containing printed circuit board include tamper sensitive circuit components. Additionally, the first printed circuit board is a multilayer printed circuit board and includes tamper sensitive vias which underlie the volume.

In accordance with a preferred embodiment of the present invention at least some of the circuit components which are located in the volume overlie at least some of the tamper sensitive vias which underlie the volume. Additionally, at least some of the circuit components which are located in the volume and overlie at least some of the tamper sensitive vias are tamper sensitive components. Preferably, at least some of the circuit components which are located in the volume and overlie at least some of the tamper sensitive vias are not tamper sensitive components.

In accordance with a preferred embodiment of the present invention the circuit components mounted onto the first printed circuit board underlying the slotted anti-tamper grid containing printed circuit board include data security critical circuit components.

Preferably, the first printed circuit board is a multilayer printed circuit board and includes data security critical vias which underlie the volume. Additionally, at least some of the circuit components which are located in the volume overlie at least some of the data security critical vias which underlie the volume. Preferably, at least some of the circuit components which are located in the volume and overlie at least some of the data security critical vias are tamper sensitive components. Preferably, at least some of the circuit components which are located in the volume and overlie at least some of the data security critical vias are not tamper sensitive components.

In accordance with a preferred embodiment of the present invention the circuit components mounted onto the first printed circuit board underlying the slotted anti-tamper grid containing printed circuit board include tamper sensitive and data security critical circuit components.

Preferably, the first printed circuit board is a multilayer printed circuit board and includes tamper sensitive and data security critical vias which underlie the volume. Additionally, at least some of the circuit components which are located in the volume overlie at least some of the tamper sensitive and data security critical vias which underlie the volume. Preferably, at least some of the circuit components which are located in the volume and overlie at least some of the tamper sensitive and data security critical vias are tamper sensitive components. Preferably, at least some of the circuit components which are located in the volume and overlie at least some of the data security critical vias are not tamper sensitive components.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention will be understood and appreciated more fully from the following detailed description, taken in conjunction with the drawing in which:

FIG. 1 is a simplified partially pictorial, partially sectional, partial illustration of a point of sale device including tamper secure circuitry constructed and operative in accordance with a preferred embodiment of the present invention.

 DETAILED DESCRIPTION OF A PREFERRED EMBODIMENT

Reference is now made to FIG. 1, which is a simplified partially pictorial, partially sectional, partial illustration of a point of sale device including tamper secure circuitry constructed and operative in accordance with a preferred embodiment of the present invention.

As seen in FIG. 1, there is provided a point of sale device 100, such as a point of sale device having an overall configuration and functionality similar to that of a VX 520, commercially available from Verifone Inc. The point of sale device 100 typically includes a housing defined by top and bottom housing portions 102 and 104 respectively, which enclose a printed circuit board 106 on which Personal Identification Number (PIN) keypads 108 are mounted. Printed circuit board 106 preferably also includes various circuit components, generally designated by reference numeral 110. One or more additional printed circuit boards are also mounted within the housing and typically include a printed circuit board 112 on which is formed a protected enclosure, such as described in assignee's U.S. Pat. No. 6,853,093, the disclosure of which is hereby incorporated by reference.

In accordance with a preferred embodiment of the present invention, there is provided on a printed circuit board, here printed circuit board 106, a slotted, anti-tamper grid containing, protective printed circuit board 114, which is mounted onto printed circuit board 106 and defines at least one slot 116. Slot 116 is arranged to overlie and protect from tampering at least some circuit components, generally designated by reference numeral 118, including circuit components, such as a Surface Mount Technology (SMT) resistor 120, an SMT capacitor 122 and integrated circuits 124 and 126, which are located in a volume 128 defined by slot 116 and by printed circuit board 106.

It is appreciated that, although in the illustrated embodiment shown in FIG. 1 circuit components 118 are uniform in size, circuit components 118 need not be uniform in size and may include any suitable circuit components.

Preferably some or all of circuit components 118 are data security critical circuit components and/or tamper-sensitive circuit components. The term “data security-critical” is defined for the purposes of the present application as containing or carrying security-critical data, such as PIN codes, access codes, or personal identity information. The term “tamper-sensitive” is defined for the purposes of the present application as being responsive to tampering. SMT resistor 120 and SMT capacitor 122 are examples of such data security critical circuit components and integrated circuits 124 and 126 are examples of a tamper-sensitive circuit components. Integrated circuit 124 may also be a data security critical circuit component.

As seen in pictorial enlargement A, pictorial enlargement B and in further sectional enlargement C, taken along the lines C-C in pictorial enlargement A, preferably, printed circuit board 106 is a multilayer printed circuit board and includes at least one tamper-sensitive via 130 which underlies volume 128.

In accordance with a preferred embodiment of the present invention, at least one of the circuit components 118 which are located in volume 128, defined by slot 116 and printed circuit board 106, overlies tamper-sensitive via 130, which underlies volume 128.

Additionally in accordance with a preferred embodiment of the present invention, at least one of the circuit components 118, located in volume 128 which overlies tamper-sensitive via 130, is a tamper-sensitive component, such as integrated circuit 126, which is not operatively connected to tamper-sensitive via 130.

Additionally in accordance with a preferred embodiment of the present invention, a data security critical circuit component, such as SMT resistor 120, located in volume 128, overlies a non secure via 132 and a data security critical via 134 and is operatively connected thereto. Preferably, for enhanced security, the non secure via 132 is closer to the exterior of the protective printed circuit board 114 than the data security critical via 134.

Further in accordance with a preferred embodiment of the present invention, at least one of the circuit components 118 mounted onto printed circuit board 106 underlying the slotted anti-tamper grid containing printed circuit board 114 is a data security critical circuit component, such as SMT capacitor 122. Data security critical SMT capacitor 122 is connected to and overlies data security critical vias 136 and 138 and may also overlie but not be connected to any type of via, whether or not data security critical or tamper-sensitive. In the illustrated embodiment, SMT capacitor 122 overlies but is not connected to a data security critical via 140, which is connected to a PIN keypad 108, here designated as keypad 142. PIN keypad 142 is also connected to a data security critical via 144.

In the illustrated example data security critical via 144 underlies volume 128 but does not underlie a circuit component mounted therein.

Also, in the illustrated example a tamper-sensitive via 146 underlies volume 128 but does not underlie a circuit component mounted therein.

Additionally in accordance with a preferred embodiment of the present invention, a tamper sensitive component, such as integrated circuit 124, which is also a data security critical circuit component, overlies data security critical vias 148 and 150 which may or may not be operatively connected thereto.

Alternatively circuit components 118 within volume 128 which overlie data security critical vias or tamper-sensitive vias may be neither data security critical components nor tamper-sensitive components.

As a further alternative, circuit components 118 within volume 128 which overlie data security critical vias or tamper-sensitive vias may be both data security critical and tamper-sensitive.

As seen in FIG. 1, the slotted, anti-tamper grid containing, printed circuit board 114 preferably is mounted on printed circuit board 106 by a ball grid array (BGA) type connection, designated generally by reference numeral 160. In accordance with a preferred embodiment of the present invention, the slotted, anti-tamper grid containing, printed circuit board 114 is formed with a ground plane 162 at its top which is coupled via grounding vias 164, balls 166 of the ball grid array connection 160, and grounding vias 168 extending through printed circuit board 106 to a ground plane 170 of printed circuit board 106.

In accordance with a preferred embodiment of the present invention, a tamper sensitive grid 172 is formed in the slotted, anti-tamper grid containing, printed circuit board 114 typically below ground plane 162. A typical configuration of tamper-sensitive grid is shown in enlargement D and typically comprises a plurality of conductors which are in extremely close propinquity, such that any physical tampering with them creates either a short circuit or a circuit break.

Tamper-sensitive grid 172 is preferably coupled via tamper-sensitive vias 174, balls 176 of the ball grid array connection 160 and tamper-sensitive connections 178, which include via 130, and additional tamper-sensitive grids 180 formed in printed circuit board 106, to tamper detection circuitry 182, which is preferable embodied in a secured integrated circuit 184, which typically has various additional functions aside from tamper sensing. Secured integrated circuit 184 is preferably connected to an underside of printed circuit board 106 by means of a ball grid array (BGA) type connection 190. Secured integrated circuit 184 is characterized in that it includes integral anti-tamper protection.

Balls 192, 194, 196, 198, 200, 204, 208 and 210 of the ball grid array connection 190 provide connections between respective vias 132, 134, 136, 138, 140, 144, 148 and 150 and secured integrated circuit 184. Ball 192 is preferably connected to ground.

Balls 220 and 226 of the ball grid array connection 190 provide connections between respective tamper-sensitive vias 130 and 146 and secured integrated circuit 184.

Tamper detection circuitry 182 preferably is operative in response to sensed tampering with any of the tamper-sensitive components or vias to provide a suitable tamper response. The tamper response is typically one or more of the following: an audio and/or visual alarm, a remote alarm indication, disabling of functionality of all or part of the circuitry and erasing or deleting all or part of information contained in a memory.

It is a particular feature of the present invention that the protective structure described hereinabove provides credible anti-tamper protection for through hole vias, such as vias 132, 134, 136, 138, 140, 144, 146, 148 and 150, which are significantly less costly than vias which do not extend entirely through a printed circuit board and are inherently less vulnerable to tampering.

It is a particular feature of the present invention that credible anti-tamper protection is afforded to data-critical vias associated with PIN keypads 108, such as vias 140 and 144, by the protective structure of the present invention as described above.

It is a particular feature of the present invention that the slotted, anti-tamper grid containing, printed circuit board 114 may be placed at any suitable location on a printed circuit board where data critical components are present and thus often obviates the need to route critical data to a central protected location. Elimination of such routing enhances security of the data as well as signal quality due to reduced signal path lengths. An example applicable to the illustrated embodiment is placement of a slotted, anti-tamper grid containing, printed circuit board 114 at a location adjacent a card reading head, whose output is data critical.

It will be appreciated by persons skilled in the art that the present invention is not limited by what has been particularly shown and described hereinabove. Rather the scope of the present invention includes both combinations and subcombinations of the various features described hereinabove as well as modifications thereof which would occur to persons skilled in the art upon reading the foregoing description and which are not in the prior art.

Claims

1. Tamper secure circuitry comprising:

a first printed circuit board having mounted thereon circuit components; and
a slotted anti-tamper grid containing printed circuit board mounted onto said first printed circuit board defining at least one slot and arranged to overlie at least some of said circuit components, which are located in a volume defined by said at least one slot and said first printed circuit board.

2. Tamper secure circuitry according to claim 1 and wherein said circuit components mounted onto said first printed circuit board underlying said slotted anti-tamper grid containing printed circuit board include tamper sensitive circuit components.

3. Tamper secure circuitry according to claim 2 and wherein said first printed circuit board is a multilayer printed circuit board and includes tamper sensitive vias which underlie said volume.

4. Tamper secure circuitry according to claim 3 and wherein at least some of said circuit components which are located in said volume overlie at least some of said tamper sensitive vias which underlie said volume.

5. Tamper secure circuitry according to claim 4 and wherein at least some of said circuit components which are located in said volume and overlie at least some of said tamper sensitive vias are tamper sensitive components.

6. Tamper secure circuitry according to claim 5 and wherein at least some of said circuit components which are located in said volume and overlie at least some of said tamper sensitive vias are not tamper sensitive components.

7. Tamper secure circuitry according to claim 1 and wherein said first printed circuit board is a multilayer printed circuit board and includes tamper sensitive vias which underlie said volume.

8. Tamper secure circuitry according to claim 7 and wherein at least some of said circuit components which are located in said volume overlie at least some of said tamper sensitive vias which underlie said volume.

9. Tamper secure circuitry according to claim 8 and wherein at least some of said circuit components which are located in said volume and overlie at least some of said tamper sensitive vias are tamper sensitive components.

10. Tamper secure circuitry according to claim 9 and wherein at least some of said circuit components which are located in said volume and overlie at least some of said tamper sensitive vias are not tamper sensitive components.

11. Tamper secure circuitry according to claim 1 and wherein said circuit components mounted onto said first printed circuit board underlying said slotted anti-tamper grid containing printed circuit board include data security critical circuit components.

12. Tamper secure circuitry according to claim 11 and wherein said first printed circuit board is a multilayer printed circuit board and includes data security critical vias which underlie said volume.

13. Tamper secure circuitry according to claim 12 and wherein at least some of said circuit components which are located in said volume overlie at least some of said data security critical vias which underlie said volume.

14. Tamper secure circuitry according to claim 13 and wherein at least some of said circuit components which are located in said volume and overlie at least some of said data security critical vias are tamper sensitive components.

15. Tamper secure circuitry according to claim 13 and wherein at least some of said circuit components which are located in said volume and overlie at least some of said data security critical vias are not tamper sensitive components.

16. Tamper secure circuitry according to claim 1 and wherein said first printed circuit board is a multilayer printed circuit board and includes data security critical vias which underlie said volume.

17. Tamper secure circuitry according to claim 16 and wherein at least some of said circuit components which are located in said volume overlie at least some of said data security critical vias which underlie said volume.

18. Tamper secure circuitry according to claim 17 and wherein at least some of said circuit components which are located in said volume and overlie at least some of said data security critical vias are tamper sensitive components.

19. Tamper secure circuitry according to claim 17 and wherein at least some of said circuit components which are located in said volume and overlie at least some of said data security critical vias are not tamper sensitive components.

20. Tamper secure circuitry according to claim 1 and wherein said circuit components mounted onto said first printed circuit board underlying said slotted anti-tamper grid containing printed circuit board include tamper sensitive and data security critical circuit components.

21. Tamper secure circuitry according to claim 20 and wherein said first printed circuit board is a multilayer printed circuit board and includes tamper sensitive and data security critical vias which underlie said volume.

22. Tamper secure circuitry according to claim 21 and wherein at least some of said circuit components which are located in said volume overlie at least some of said tamper sensitive and data security critical vias which underlie said volume.

23. Tamper secure circuitry according to claim 22 and wherein at least some of said circuit components which are located in said volume and overlie at least some of said tamper sensitive and data security critical vias are tamper sensitive components.

24. Tamper secure circuitry according to claim 22 and wherein at least some of said circuit components which are located in said volume and overlie at least some of said data security critical vias are not tamper sensitive components.

25. Tamper secure circuitry according to claim 1 and wherein said first printed circuit board is a multilayer printed circuit board and includes tamper sensitive and data security critical vias which underlie said volume.

26. Tamper secure circuitry according to claim 25 and wherein at least some of said circuit components which are located in said volume overlie at least some of said tamper sensitive and data security critical vias which underlie said volume.

27. Tamper secure circuitry according to claim 26 and wherein at least some of said circuit components which are located in said volume and overlie at least some of said data security critical vias are tamper sensitive components.

28. Tamper secure circuitry according to claim 26 and wherein at least some of said circuit components which are located in said volume and overlie at least some of said data security critical vias are not tamper sensitive components.

Patent History
Publication number: 20120106113
Type: Application
Filed: Oct 27, 2010
Publication Date: May 3, 2012
Patent Grant number: 8593824
Applicant: VERIFONE, INC. (San Jose, CA)
Inventor: Ehud KIRMAYER (Moshav)
Application Number: 12/913,394
Classifications
Current U.S. Class: Plural (361/784)
International Classification: H05K 1/14 (20060101);